It wasn’t long after the FBI started investigating the Sony Pictures Entertainment hack that it reached the conclusion that this was orchestrated by North Korea. This allegation was denied by the reclusive country but the FBI stuck to its guns even when many cybersecurity professionals started questioning just how the FBI had reached this conclusion. Now, as we reported earlier today, FBI director James Comey has provided more details about how they found North Korea to be involved in the Sony hack.
Comey was speaking at a cybersecurity conference in New York City today and that’s where he went into more detail about this hack. He said that the hackers, which called themselves the Guardians of Peace, “got sloppy” when hiding their IP addresses and this led the FBI to determine emails and messages being sent to Sony employees from coming from North Korea.
“I have very high confidence about this attribution,” Comy told the audience today, saying “we know who hacked Sony. It was the North Koreans.”
It wouldn’t be a long shot to expect government involvement in a hack originating from North Korean internet connections. The regime has strict control over who gets access to the internet so it is highly unlikely for someone to hijack an IP originating from the Hermit Kingdom without the regime knowing about it.
When it initially pointed the finger at DPRK, the FBI referenced some evidence that couldn’t be made public, and it sticks to that line this very day. But for the director to come out himself and reiterate the bureau’s stance it seems intense speculation about the hack being an inside job hasn’t really shaken the FBI’s focus.